lib/onebox/sanitize_config.rb in onebox-1.8.85 vs lib/onebox/sanitize_config.rb in onebox-1.8.86
- old
+ new
@@ -8,10 +8,10 @@
attributes: {
'a' => RELAXED[:attributes]['a'] + %w(target),
'audio' => %w[controls],
'embed' => %w[height src type width],
- 'iframe' => %w[allowfullscreen frameborder height scrolling src width],
+ 'iframe' => %w[allowfullscreen frameborder height scrolling src width data-original-href],
'source' => %w[src type],
'video' => %w[controls height loop width autoplay muted poster],
'path' => %w[d],
'svg' => ['aria-hidden', 'width', 'height', 'viewbox'],
'div' => [:data], # any data-* attributes